<?php
/*
//  Copyright (C) 2007 Max Plischke
//  Original Author: Max Plischke <plischke@gmail.com>
//  Link: http://code.google.com/p/open-club-directory/
// 
//  This file is part of the Open-Club-Directory Project.
//
//  Open-Club-Directory is free software: you can redistribute it and/or 
//  modify it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  (at your option) any later version.
//
//  Open-Club-Directory is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with Open-Club-Directory.
//  If not, see <http://www.gnu.org/licenses/>.
*/

require_once 'appinclude.php';
require_once 'funcinclude.php';

$secret = $appsecret;
$sig = '';
ksort($_POST);
foreach ($_POST as $key => $val) {
    if ($key == 'fb_sig') {
        continue;
    }
    $sig .= substr($key, 7) . '=' . $val;
}
$sig .= $secret;
$verify = md5($sig);
if ($verify == $_POST['fb_sig']) {
    if($_POST["fb_sig_uninstall"]==1){
		$link = mysql_connect($_mysql_server, $_mysql_user, $_mysql_password) or die();
		mysql_select_db($_mysql_db) or die();
		$member = member($_POST["fb_sig_user"]);
		if ($member!=false) {
			$query = sprintf("DELETE FROM users where fb_id=%d LIMIT 1", 		
				$_POST["fb_sig_user"]);
			$result = mysql_query($query) or die();
		}
		mysql_close($link);
	}
} else {
    mail($_admin_email, 'hack?', $_POST["fb_sig_user"]);
}

?>